Vulnerabilities > Archerirm > Archer > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-22 CVE-2024-49209 Incorrect Authorization vulnerability in Archerirm Archer 2024.03/2024.04/2024.06
Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass vulnerability related to supporting application files.
network
low complexity
archerirm CWE-863
4.3
2024-10-22 CVE-2024-49210 Cross-site Scripting vulnerability in Archerirm Archer
Reflected XSS was discovered in an iView List Archer Platform UX page in Archer Platform 6.x before version 2024.09.
network
low complexity
archerirm CWE-79
6.1
2024-10-22 CVE-2024-49211 Cross-site Scripting vulnerability in Archerirm Archer
Reflected XSS was discovered in a Dashboard Listing Archer Platform UX page in Archer Platform 6.x before version 2024.08.
network
low complexity
archerirm CWE-79
6.1
2024-07-25 CVE-2024-41705 Cross-site Scripting vulnerability in Archerirm Archer
A stored XSS issue was discovered in Archer Platform 6.8 before 2024.06.
network
low complexity
archerirm CWE-79
5.4
2024-07-25 CVE-2024-41706 Cross-site Scripting vulnerability in Archerirm Archer
A stored XSS issue was discovered in Archer Platform 6 before version 2024.06.
network
low complexity
archerirm CWE-79
5.4
2024-07-25 CVE-2024-41707 Cross-site Scripting vulnerability in Archerirm Archer
An issue was discovered in Archer Platform 6 before 2024.06.
network
low complexity
archerirm CWE-79
5.4
2023-12-12 CVE-2023-48642 Cross-site Scripting vulnerability in Archerirm Archer
Archer Platform 6.x before 6.13 P2 (6.13.0.2) contains an authenticated HTML content injection vulnerability.
network
low complexity
archerirm CWE-79
5.4
2023-10-17 CVE-2023-45357 Exposure of Resource to Wrong Sphere vulnerability in Archerirm Archer
Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a sensitive information disclosure vulnerability.
network
low complexity
archerirm CWE-668
6.5
2023-10-17 CVE-2023-45358 Cross-site Scripting vulnerability in Archerirm Archer
Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a stored cross-site scripting (XSS) vulnerability.
network
low complexity
archerirm CWE-79
5.4
2023-07-14 CVE-2023-32759 Exposure of Resource to Wrong Sphere vulnerability in Archerirm Archer 6.10.0.3/6.3.0.0/6.9.3.4
An issue in Archer Platform before v.6.13 and fixed in 6.12.0.6 and 6.13.0 allows an authenticated attacker to obtain sensitive information via a crafted URL.
network
low complexity
archerirm CWE-668
6.5